Your submission was sent successfully! Close

CVE-2014-9938

Published: 19 March 2017

contrib/completion/git-prompt.sh in Git before 1.9.3 does not sanitize branch names in the PS1 variable, allowing a malicious repository to cause code execution.

Priority

CVSS 3 base score: 8.8

Status

Package	Release	Status
git Launchpad, Ubuntu, Debian	precise	Not vulnerable (1:1.7.9.5-1ubuntu0.3)
	trusty	Does not exist (trusty was released [1:1.9.1-1ubuntu0.4])
	upstream	Released (1:2.0.0~rc2-1)
	xenial	Not vulnerable (1:2.7.4-0ubuntu1)
	yakkety	Not vulnerable

Notes

Author	Note
mdeslaur	PoC: https://github.com/njhartwell/pw3nage only affects 1.8.1+

References

Bugs

https://bugzilla.redhat.com/show_bug.cgi?id=1434415

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading